Showing posts labelled Supermicro. Show all posts

Friday, 12 October 2018

China's theft of US intellectual property

Lawmakers press for answers about China's supply chain hack
By Derek Hawkins

Sen. Marco Rubio (R-Fla.) on Capitol Hill in Washington on Aug. 2. 

Lawmakers are prying into a controversial report that Chinese spies installed surveillance microchips in servers used by Apple, Amazon and other American companies.
On Wednesday, Sens. Marco Rubio (R-Fla.) and Richard Blumenthal (D-Conn.) wrote to Supermicro, the firm that allegedly manufactured the compromised hardware, asking whether it had detected any such tampering in its products. 
The senators said “the nature of the claims raised alarms that must be comprehensively addressed.”
“We are alarmed by the dangers posed by back doors, and take any claimed threat to the nation’s networks and supply chain seriously,” they said. 
“These new allegations require thorough and urgent investigation for customers, law enforcement and Congress.”
Other lawmakers on the Hill have fired off similar missives. 
Sen. John Thune (R-S.D.) wrote to Apple, Amazon and Supermicro requesting staff briefings about the Bloomberg article by Friday. 
And House Oversight Committee Chairman Trey Gowdy (R-S.C.) and Intelligence Committee Chairman Devin Nunes (R-Calif.) called on the heads of the FBI, Department of Homeland Security and the Office of the Director of National Intelligence to provide a classified briefing on the matter by Oct. 22. (Amazon.com founder and chief executive Jeffrey P. Bezos owns The Washington Post.)
The flurry of requests underscores long-standing concerns in Congress about the potential for China to conduct cyber espionage by infiltrating the supply chain. 
So lawmakers aren’t taking any chances with the allegations raised in the Bloomberg report.
“If this news report is accurate, the potential infiltration of Chinese back doors could provide a foothold for adversaries and competitors to engage in commercial espionage and launch destructive cyber attacks,” Rubio and Blumenthal wrote.
The explosive Bloomberg report said that operatives from a unit of the People’s Liberation Army secretly installed the surveillance chips in Supermicro motherboards during the assembly process in China, creating a “stealth doorway” into networks that used the machines. 
Citing unnamed government and corporate officials, the report described it as the “most significant supply chain attack known to have been carried out against American companies.”
Sen. Ron Johnson (R-Wis.), chairman of the Homeland Security Committee, said in a hearing Wednesday morning that he found the story credible. 
He asked FBI Director Christopher A. Wray and Homeland Security Secretary Kirstjen Nielsen, who testified in the hearing, whether they were aware of “implantation of chips in the supply chain.”
Wray deflected. 
“Be careful what you read in this context,” he said, adding that he was barred from commenting on whether the FBI was investigating the matter. 
Nielsen said that supply chain hacks are "a very real and emerging threat that we are very concerned about." 
Indeed, the article seemed to channel some of Washington’s worst anxieties about supply chain security.
Lawmakers and federal officials have long fretted over whether a foreign adversary could carry out such an infiltration, and over the past year they’ve taken steps to try to prevent it. 
Last fall, DHS directed federal agencies to stop using software made by the Russian cybersecurity contractor Kaspersky over concerns that Moscow’s intelligence services could use the company to conduct cyber espionage. 
Shortly after, Congress banned federal agencies from using Kaspersky’s products as part of the defense spending bill. 
Lawmakers and military officials have raised similar fears that Chinese telecom giants ZTE and Huawei could be used as conduits for Beijing to spy on U.S. citizens, companies and government offices. 
This year, lawmakers abandoned an effort to prohibit federal agencies and contractors from doing business with ZTE at the request of the White House.

China a bigger security threat than Russia, says FBI Director Wray

Nielsen also warned senators that China “absolutely” is “exerting unprecedented effort to influence American opinion" in her appearance before the Senate Homeland Security and Governmental Affairs Committee on Wednesday. 
Nielsen testified alongside Wray and Russell Travers, the acting director of the National Counterterrorism Center at the Office of the Director of National Intelligence.
Asked by Sen. Jon Kyl (R-Ariz.) to assess the risk that Beijing's cyber activities and disinformation efforts represent in comparison to Russia, Wray replied that he was “reluctant to try to rank threats” but added that “China in many ways represents the broadest, most complicated, most long-term counterintelligence threat we face.” 
Wray told Kyl that China will remain a threat to the United States in the long run. 
“Russia is in many ways fighting to stay relevant after the fall of the Soviet Union. They're fighting today's fight,” Wray said. 
“China is fighting tomorrow's fight, and the day after tomorrow, and the day after that. And it affects every sector of our economy, every state in the country and just about every aspect of what we hold dear.”

Wednesday, 10 October 2018

New evidence of Chinese tampering with Supermicro hardware found in US telecoms company

A security expert has provided evidence that reveals how China’s intelligence services had ordered subcontractors to plant malicious chips in server motherboards
Bloomberg News

A major American telecommunications company discovered manipulated hardware from Super Micro Computer (Supermicro) in its network and removed it in August – fresh evidence of China tampering in critical technology components bound for the US, a security expert working for the company has said.
The expert, Yossi Appleboum, provided documents, analysis and other evidence of the discovery that detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Supermicro server motherboards over a two-year period ending in 2015.
Appleboum previously worked in the technology unit of the Israeli Army Intelligence Corps and is now co-chief executive officer of Sepio Systems in Gaithersburg, Maryland.
His firm specialises in hardware security and was hired to scan several large data centres belonging to the telecommunications company. 
The company is not being identified because of Appleboum’s nondisclosure agreement with the client.

Unusual communications from a Supermicro server and a subsequent physical inspection revealed an implant built into the server’s Ethernet connector, a component that’s used to attach network cables to the computer, Appleboum said. 
He said he has seen similar manipulations of different vendors’ computer hardware made by contractors in China, not just products from Supermicro.
Appleboum said his concern was that there are countless points in the supply chain in China where manipulations could be introduced, and deducing them can in many cases be impossible. 
“That’s the problem with the Chinese supply chain,” he said.
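The detection path described above is network-side: the implant was noticed first through unusual communications from the server, and only then confirmed by physical inspection. The following is an added example, not code from the article or from Sepio Systems, of the two checks a defender would run over flow records to surface that kind of traffic: a new external destination that a server never contacted during a learning window, and a connection that recurs at a suspiciously regular interval. The flow records, the internal ranges and the allowlisted update mirror are constructed for illustration.

```python
"""Egress-anomaly checks over flow records (added example; sample data is constructed)."""
from collections import defaultdict
from ipaddress import ip_address, ip_network
from statistics import mean, pstdev

# Constructed sample flows, not captured traffic: (epoch_s, src, dst, dst_port, bytes_out).
# Learning window is t < 1000; observation window is t >= 1000.
FLOWS = [
    (100, "10.0.1.20", "10.0.2.5", 443, 5200),        # internal API
    (160, "10.0.1.20", "203.0.113.10", 443, 8800),    # allowlisted update mirror
    (220, "10.0.1.21", "10.0.2.5", 443, 4900),
    (400, "10.0.1.21", "203.0.113.10", 443, 9100),
    (700, "10.0.1.20", "10.0.2.5", 443, 5100),
    (1000, "10.0.1.20", "10.0.2.5", 443, 5000),
    # 10.0.1.21 starts small, regular connections to a host it never spoke to before
    (1005, "10.0.1.21", "198.51.100.77", 443, 310),
    (1305, "10.0.1.21", "198.51.100.77", 443, 298),
    (1603, "10.0.1.21", "198.51.100.77", 443, 305),
    (1908, "10.0.1.21", "198.51.100.77", 443, 296),
    (2204, "10.0.1.21", "198.51.100.77", 443, 301),
    (2300, "10.0.1.20", "203.0.113.10", 443, 8700),
]

# Assumed internal address space and an assumed allowlist of (dst, port) pairs.
INTERNAL = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"), ip_network("192.168.0.0/16")]
KNOWN_EXTERNAL = {("203.0.113.10", 443)}


def is_internal(ip: str) -> bool:
    """True when the address falls inside one of the internal ranges."""
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL)


def build_baseline(flows, until):
    """Map each source host to the (dst, port) pairs it used before `until`."""
    baseline = defaultdict(set)
    for ts, src, dst, port, _ in flows:
        if ts < until:
            baseline[src].add((dst, port))
    return baseline


def new_external_egress(flows, baseline, since):
    """External (dst, port) pairs a host first contacts at or after `since`,
    excluding anything on the allowlist or in that host's own baseline."""
    hits = set()
    for ts, src, dst, port, _ in flows:
        if ts < since or is_internal(dst):
            continue
        if (dst, port) in KNOWN_EXTERNAL or (dst, port) in baseline.get(src, set()):
            continue
        hits.add((src, dst, port))
    return hits


def beacon_candidates(flows, since, min_count=4, max_cv=0.1):
    """External connections whose inter-arrival gaps are nearly constant.
    Returns {(src, dst, port): mean_gap_seconds} for series of at least
    `min_count` flows whose coefficient of variation is at most `max_cv`."""
    times = defaultdict(list)
    for ts, src, dst, port, _ in flows:
        if ts >= since and not is_internal(dst):
            times[(src, dst, port)].append(ts)
    out = {}
    for key, ts_list in times.items():
        if len(ts_list) < min_count:
            continue
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        m = mean(gaps)
        if m > 0 and pstdev(gaps) / m <= max_cv:
            out[key] = m
    return out


def report(flows, cutoff=1000):
    """Run both checks with a single learning/observation cutoff."""
    baseline = build_baseline(flows, cutoff)
    return {
        "new_egress": new_external_egress(flows, baseline, cutoff),
        "beacons": beacon_candidates(flows, cutoff),
    }


if __name__ == "__main__":
    for name, finding in report(FLOWS).items():
        print(name, finding)
```

One caveat that follows directly from the article: an implant sitting in the Ethernet connector or NIC can source traffic that the host's own operating system never sees, so the flow records fed to checks like these must come from a network tap, the upstream switch or a flow collector, not from logging on the suspect server itself.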
Headquartered in San Jose, California, Supermicro was founded in 1993 by Taiwanese-American Charles Liang.
Bloomberg News first contacted Supermicro for comment on this story on Monday morning Eastern time and gave the company 24 hours to respond.
Supermicro said after a Bloomberg BusinessWeek report last week that it “strongly refutes” reports that servers it sold to customers contained malicious microchips. 
China’s embassy in Washington did not return a request for comment on Monday.
Chinese mole or Trojan horse: Charles Liang opened gates to Chinese intelligence services.

In response to the earlier Bloomberg BusinessWeek investigation, China’s Ministry of Foreign Affairs didn’t directly address questions about the manipulation of Supermicro servers but said supply chain security was “an issue of common concern”.
The more recent manipulation is different from the one described in the report last week, but it shares key characteristics: They’re both designed to give attackers invisible access to data on a computer network in which the server is installed, and the alterations were found to have been made at the factory as the motherboard was being produced by a Supermicro subcontractor in China.
Based on his inspection of the device, Appleboum determined that the telecoms company’s server was modified at the factory where it was manufactured. 
He said that he was told by Western intelligence contacts that the device was made at a Supermicro subcontractor factory in Guangzhou, a port city in southeastern China.
Guangzhou is 90 miles upstream from Shenzhen, called the “Silicon Valley of Hardware”, and home to giants such as Tencent Holdings and Huawei Technologies.
The tampered hardware was found in a facility that had large numbers of Supermicro servers, and the telecommunications company’s technicians couldn’t answer what kind of data was pulsing through the infected one, said Appleboum, who accompanied them for a visual inspection of the machine.

It’s not clear if the telecommunications company contacted the FBI about the discovery. 
An FBI spokeswoman declined to comment on whether it was aware of the finding.
Representatives for AT&T and Verizon had no immediate comment on whether the malicious component was found in one of their servers. 
T-Mobile US and Sprint didn’t immediately respond to requests for comment.
Sepio Systems’ board includes Chairman Tamir Pardo, former director of the Mossad, Israel’s national intelligence agency, and its advisory board includes Robert Bigman, former chief information security officer of the US Central Intelligence Agency.
US communications networks are an important target of Chinese intelligence agencies because data from millions of mobile phones, computers, and other devices pass through their systems. 
Hardware implants are key tools used to create covert openings into those networks, perform reconnaissance and hunt for corporate intellectual property or government secrets.
In emails, Appleboum and his team refer to the implant as their “old friend” because he said they had previously seen several variations in investigations of hardware made by other companies manufacturing in China.

In Bloomberg Businessweek’s report, one official said investigators found that the Chinese infiltration through Supermicro reached almost 30 companies, including Amazon and Apple.
People familiar with the federal investigation into the 2014-2015 attacks say that it is being led by the FBI’s cyber and counter-intelligence teams, and that the Homeland Security Department may not have been involved.
Counter-intelligence investigations are among the FBI’s most closely held, and few officials and agencies outside those units are briefed on the existence of those investigations.
Appleboum said that he had consulted intelligence agencies outside the US and that they told him they had been tracking the manipulation of Supermicro hardware, and the hardware of other companies, for some time.

Friday, 5 October 2018

Rogue Nation

China is secretly hacking computer motherboards. The economic fallout is huge.
By Henry Farrell and Abraham Newman

An electronic data display showing a map of China at the Global Mobile Internet conference in Beijing. 

Bloomberg has just published an explosive article claiming that a secret unit in the Chinese military has compromised the motherboards (the systems of chips and electronics that allow computers to work) of servers used by Apple, a bank and various government contractors.
China’s exploit was discovered when Amazon did due diligence on a company that it was acquiring, which used servers with the compromised motherboards. 
Like China, both Apple and Amazon have issued statements denying the Bloomberg claims, but Bloomberg is confident that it’s correct, saying it has multiple sources inside Amazon and the intelligence community. (Amazon chief executive Jeffrey P. Bezos owns The Washington Post.)
The implant involved tiny components — some the size of a sharpened pencil tip — that were very difficult to spot but that provided a backdoor to the servers into which they were built. 
The components could communicate with external computers and download instructions from them, which would allow Chinese military hackers to compromise passwords and gain control over what the servers did. 
If the servers were used for sensitive tasks, this kind of access could have massive security repercussions.
What is economically important, however, is how the Chinese military did this. 
They weaponized the complex supply chain through which most sophisticated electronics are built. That has huge implications for the world economy.

We live in a world of complex global supply chains

People usually think of economic globalization as involving trade in final products — cars being shipped across the U.S. border from Canada or Mexico. 
That only scratches the surface of the globalized economy, which involves not only trade in completed products but also in components and finishing. 
A complex product such as a computer may be built from components made by hundreds — or even thousands — of specialized manufacturers, located across multiple countries. 
This creates vast economic efficiencies and provides enormous economic savings, allowing companies — and even entire regional or national economies — to reap the benefits of specialization and consumers to get cheaper and better made products.
Over the last couple of decades, China has become an increasingly important supplier of technological goods. 
Contract manufacturers operating in China, such as the Taiwanese-owned Foxconn, specialize in manufacturing and integrating common consumer products such as iPhones. 
However, China lacks capacity in some important areas, such as the design and manufacture of high-end chips.
All this means that the world manufacturing economy relies on globalized supply chains, with myriad specialized subcontractors. 
Until recently, public debate has mostly focused on the trade-offs between the economic advantages and the human costs of these supply chains. 
For example, supply chains in the garment industry often involve the exploitation of poor workers in sweatshops for brand name goods sold in American stores, leading to increasing pressure on the brand-name manufacturers to ensure humane working conditions in their suppliers and sub-suppliers. Now, however, a new set of security problems is emerging.

Globalized supply chains increase interdependence
Global supply chains were what allowed the Chinese to hack the motherboards of servers used by U.S. companies. 
These servers were assembled by Supermicro, a U.S.-based supplier of specialized high-end servers. 
Supermicro relied on Chinese factories to provide them with motherboards and other components. 
These motherboards were then compromised by the Chinese military, which bribed or threatened four key subcontractors to get them to install the hardware-based backdoor systems.
A world of global supply chains is a world where countries’ economies and manufacturing systems are increasingly interdependent, so that if something goes wrong, everyone suffers. 
When a single factory caught fire in 2013, the price of commonly used memory chips shot up — because every computer manufacturer relied on a very small number of manufacturers.
Our academic research explores how countries are increasingly starting to weaponize interdependence, using these vulnerabilities and choke points for strategic advantage. 
China’s hacking of motherboards is a perfect example of this. 
As the Bloomberg article recounts, Chinese manufacturers dominate key aspects of computer hardware manufacturing. 
While some naive people had been confident that China would never hack exported components en masse — for fear of the damage that it would do to the Chinese economy — the Bloomberg article suggests that they have succumbed to temptation. 

The economic consequences are enormous
If the Bloomberg report is confirmed — and especially if it is one particular example of a broader problem — there will be very big economic repercussions. 
The U.S. economy and China’s economy are deeply interdependent. 
If the U.S. believes that Chinese firms are using this interdependence strategically to compromise U.S. technology systems with hardware components that undermine security, there will be pressure on the United States to systematically disengage from China and, perhaps, from global supply chains more generally.
This could have substantial knock-on repercussions for international trade, leading eventually to a world in which countries are much less willing to outsource components of sensitive systems to foreign manufacturers. 
Because we live in a world where technology is becoming ever more connected and ever more exploitable, this might mean that large swaths of the global economy are pulled back again behind national borders. 
The United States is already highly suspicious of Chinese telecommunications manufacturers, while organizations closely linked to U.S. intelligence are calling for a far more systematic reappraisal of the security implications of supply chains. 
It may be that the globalized economy of the 1990s and 2000s was a brief aberration, which will be replaced by more constrained and limited international exchange between economies that keep the important parts of their manufacturing economy at home.